Browse
related articles
U.S. federal agencies are increasingly offering online portals for both citizens and non-governmental organizations to access sensitive information and to advance the access and exchange of sensitive information across agencies.
However, external threats such as cyber attacks continue to increase and grow more sophisticated, creating a significant challenge for the safeguard of social security numbers, confidential intelligence reports and other sensitive data. In addition, insider risk can cause accidental leakage or misuse of sensitive data as it is collected, stored and shared. These external and internal threats can be mitigated by the RSA Adaptive Authentication solution and the RSA Data Loss Prevention Suite.
"RSA continuously works to provide organizations within the public and private sectors with solutions that meet key standards, including those that require third-party-validation.,"
said Ahmed Abdella, Regional Manager - Middle East, North and West Africa, RSA.
"Critical to this success are Common Criteria certifications that meet U.S. federal agency requirements for the evaluation and purchase of information security technologies."
Common Criteria Certification
The CCEVS is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria certification provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the government for national security systems, which handle classified and some non-classified information, are Common Criteria certified.
To gain compliance, a product's security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.
Common Criteria Certified Solutions from RSA
- RSA Adaptive Authentication (on premise) is a risk-based authentication and fraud detection platform used by more than 8,000 organizations, authenticating over 250 million users including many government agencies. Through risk indicators powered by the RSA Risk Engine, such as device identification, IP geo-location, behavioral profiling, and fraud data from the RSA eFraudNetworkTM community Adaptive Authentication is able to protect government portals against advanced cyber threats.
- The RSA Data Loss Prevention (DLP) Suite helps uncover organizational risk associated with the loss of sensitive data and dynamically lowers that risk through policy-based remediation and enforcement of controls across the enterprise. The Suite includes RSA Data Loss Prevention Endpoint, RSA Data Loss Prevention Network, and RSA Data Loss Prevention Datacenter - all managed by the RSA Data Loss Prevention Enterprise Manager.
- RSA Digital Certificate Solutions are interoperable modules designed to manage digital certificates and create an environment for authenticated, private and legally binding electronic communications and transactions.
Currently Under Official Evaluation for Common Criteria Certification:
- RSA enVision platform
- RSA Access Manager
Posted by Nadeen El Ajou
